Digital Certificate Authentication System

Product Overview

The digital certificate authentication system is a certificate service system based on PKI technology independently developed by Guotai Network Information. The system adopts the X.509V3 standard and supports various algorithms such as SM1, SM2, SM3, SM4. It also supports domestic platforms and operating systems, and is a core component of PKI system construction for government, finance, securities, power, enterprises, certificate operation centers, and others. The system has implemented full lifecycle management of digital certificates and has an integrated version. The product has undergone domestic compatibility adaptation and can be provided with a Xinchuang version.

Features

Registration review system:Responsible for reviewing user registration request materials, submitting requests to CA for user certificate registration, update, extension, freezing, unfreezing, revocation, and recovery, as well as certificate production, download, and other services. Provide functions such as registration application management, certificate operation management, and log management.

Certificate issuance system:Responsible for issuing, updating, freezing, unfreezing, revoking, restoring, archiving, and publishing institutional and user certificates, as well as issuing and publishing CRLs, providing configuration management functions such as certificate management, certificate chain/certificate revocation list management, log management, and system management.

Certificate storage and publishing system:Responsible for the storage, management, and maintenance of system certificates and revocation lists, providing fast and accurate query and download services for application systems using certificates.

Certificate status query system:Provide status verification services based on certificate serial numbers, certificate data, etc., in compliance with the OCSP certificate status query protocol, and provide supporting management interfaces.

System management:Provide role-based access control, where users authenticate using USBKey and perform different levels of management operations based on their roles to ensure system security and reliability.

Security Audit:Each subsystem of the digital certificate authentication system provides security audit functions, including the certificate registration system RA, certificate issuance system CA, key management system KM, and certificate status query system OCSP. Security auditing provides event level operational security auditing, tracking, summarizing, and analyzing records of behaviors, personnel, and time related to system security.

system architecture